heimdallr-resource 1.0.0.RC1

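--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,4 @@
+ *.gem
+ .bundle
+ Gemfile.lock
+ pkg/*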
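--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1,2 @@
+ --color
+ --format progress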
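--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,4 @@
+ source "http://rubygems.org"
+
+ # Specify your gem's dependencies in heimdallr-resource.gemspec
+ gemspec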
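Review bot: The `source "http://rubygems.org"` line (new-file line 1) makes Bundler fetch the gem index and packages over plaintext HTTP, so the development and test dependencies of an access-control library can be altered by anyone on the network path. Use `source "https://rubygems.org"` instead. With `Gemfile.lock` listed in `.gitignore` there is also no committed lockfile to notice a changed dependency, which makes transport integrity matter more here.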
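--- a/data/LICENSE
+++ b/data/LICENSE
@@ -0,0 +1,19 @@
+ Copyright (C) 2012 Peter Zotov <whitequark@whitequark.org>
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy of
+ this software and associated documentation files (the "Software"), to deal in
+ the Software without restriction, including without limitation the rights to
+ use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+ of the Software, and to permit persons to whom the Software is furnished to do
+ so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in all
+ copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.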
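--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,69 @@
+ Heimdallr Resource
+ ==================
+
+ Heimdallr Resource is a gem which provides CanCan-like interface for writing secure
+ controllers on top of [Heimdallr](http://github.com/roundlake/heimdallr)-protected
+ models.
+
+ ``` ruby
+ class CricketController < ApplicationController
+ include Heimdallr::Resource
+
+ load_and_authorize_resource
+
+ # or set the name explicitly:
+ #
+ # load_and_authorize_resource :resource => :cricket
+
+ # if nested:
+ #
+ # routes.rb:
+ # resources :categories do
+ # resources :crickets
+ # end
+ #
+ # load_and_authorize_resource :through => :category
+
+ def index
+ # @crickets is loaded and secured here
+ end
+ end
+ ```
+
+ Overview
+ --------
+
+ API of Heimdallr Resource basically consists of two methods, `load_resource` and `authorize_resource`.
+ Both work by adding a filter in standard Rails filter chain and obey the `:only` and `:except` options.
+
+ `load_resource` loads a record or scope and wraps it in a Heimadllr proxy. For `index` action, a scope is
+ loaded. For `show`, `new`, `create`, `edit`, `update` and `destroy` a record is loaded. No further action
+ is performed by Heimdallr Resource.
+
+ `authorize_resource` verifies if the current security context allows for creating or updating the records.
+ The checks are performed for `new`, `create`, `edit` and `update` actions.
+
+ License
+ -------
+
+ Copyright (C) 2012 Peter Zotov <whitequark@whitequark.org>
+
+ Funded by Round Lake.
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy of
+ this software and associated documentation files (the "Software"), to deal in
+ the Software without restriction, including without limitation the rights to
+ use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+ of the Software, and to permit persons to whom the Software is furnished to do
+ so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in all
+ copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.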
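--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1 @@
+ require "bundler/gem_tasks"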
@@ -0,0 +1,21 @@
1
+ # -*- encoding: utf-8 -*-
2
+ $:.push File.expand_path("../lib", __FILE__)
3
+
4
+ Gem::Specification.new do |s|
5
+ s.name = "heimdallr-resource"
6
+ s.version = "1.0.0.RC1"
7
+ s.authors = ["Peter Zotov", "Boris Staal"]
8
+ s.email = ["whitequark@whitequark.org", "boris@roundlake.ru"]
9
+ s.homepage = "http://github.com/roundlake/heimdallr-resource"
10
+ s.summary = %q{Heimdallr-Resource provides CanCan-like interface for Heimdallr-secured objects.}
11
+ s.description = s.summary
12
+
13
+ s.files = `git ls-files`.split("\n")
14
+ s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
15
+ s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
16
+ s.require_paths = ["lib"]
17
+
18
+ # specify any dependencies here; for example:
19
+ s.add_development_dependency "rspec"
20
+ s.add_runtime_dependency "heimdallr"
21
+ end
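Review bot: `s.add_runtime_dependency "heimdallr"` (new-file line 20) carries no version constraint, so any future release of the library that actually enforces the security rules satisfies it, including one whose `restrict` / `reflect_on_security` interface differs from what this gem calls. Constrain it to the series the code was written against, e.g. `s.add_runtime_dependency "heimdallr", "~> <tested version>"`. lib/heimdallr/resource.rb also uses `underscore`, `pluralize`, `constantize` and `ActiveSupport::Concern`, which appear to come from ActiveSupport, yet no such dependency is declared; add it or state that the gem is Rails-only. The comment on line 18, `# specify any dependencies here; for example:`, is template residue and can be dropped.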
@@ -0,0 +1,102 @@
1
+ module Heimdallr
2
+ # {AccessDenied} exception is to be raised when access is denied to an action.
3
+ class AccessDenied < StandardError; end
4
+
5
+ module ResourceImplementation
6
+ class << self
7
+ def prepare_options(klass, resource, options)
8
+ options.merge! :resource => (resource || klass.name.to_s.underscore)
9
+
10
+ filter_options = {}
11
+ filter_options[:only] = options.delete(:only) if options.has_key?(:only)
12
+ filter_options[:except] = options.delete(:except) if options.has_key?(:except)
13
+
14
+ [ options, filter_options ]
15
+ end
16
+
17
+ def load(controller, options)
18
+ unless controller.instance_variable_defined?(ivar_name(controller, options))
19
+ if options.has_key? :through
20
+ if options[:singleton]
21
+ scope = controller.instance_variable_get(:"@#{options[:through]}").
22
+ send(:"#{options[:resource]}")
23
+ else
24
+ scope = controller.instance_variable_get(:"@#{options[:through]}").
25
+ send(:"#{options[:resource].pluralize}")
26
+ end
27
+ else
28
+ scope = options[:resource].constantize.scoped
29
+ end
30
+
31
+ case controller.params[:action]
32
+ when 'index'
33
+ controller.instance_variable_set(ivar_name(controller, options), scope)
34
+ when 'new', 'create'
35
+ controller.instance_variable_set(ivar_name(controller, options,
36
+ scope.new(controller.params[options[:resource]])))
37
+ when 'show', 'edit', 'update', 'destroy'
38
+ controller.instance_variable_set(ivar_name(controller, options,
39
+ scope.find(controller.params[:"#{options[:resource]}_id"] ||
40
+ controller.params[:id])))
41
+ end
42
+ end
43
+ end
44
+
45
+ def authorize(controller, options)
46
+ controller.instance_variable_set(ivar_name(controller, options.merge(:insecure => true)),
47
+ controller.instance_variable_get(ivar_name(controller, options)))
48
+
49
+ value = controller.instance_variable_get(ivar_name(controller, options)).
50
+ restrict(controller.security_context)
51
+ controller.instance_variable_set(ivar_name(controller, options), value)
52
+
53
+ case controller.params[:action]
54
+ when 'new', 'create'
55
+ unless value.reflect_on_security[:operations].include? :create
56
+ raise Heimdallr::AccessDenied, "Cannot create model"
57
+ end
58
+ when 'edit', 'update'
59
+ unless value.reflect_on_security[:operations].include? :update
60
+ raise Heimdallr::AccessDenied, "Cannot update model"
61
+ end
62
+ end
63
+ end
64
+
65
+ def ivar_name(controller, options)
66
+ if controller.params[:action] == 'index'
67
+ :"@#{options[:resource].pluralize}"
68
+ else
69
+ :"@#{options[:resource]}"
70
+ end
71
+ end
72
+ end
73
+ end
74
+
75
+ # {Resource} is a mixin providing CanCan-like interface for Rails controllers.
76
+ module Resource
77
+ extend ActiveSupport::Concern
78
+
79
+ module ClassMethods
80
+ def load_and_authorize_resource(resource, options={})
81
+ load_resource(resource, options)
82
+ authorize_resource(resource, options)
83
+ end
84
+
85
+ def load_resource(resource=nil, options={})
86
+ options, filter_options = Heimdallr::ResourceImplementation.prepare_options(self, resource, options)
87
+
88
+ before_filter filter_options do |controller|
89
+ Heimdallr::ResourceImplementation.load(controller, options)
90
+ end
91
+ end
92
+
93
+ def authorize_resource(resource=nil, options={})
94
+ options, filter_options = Heimdallr::ResourceImplementation.prepare_options(self, resource, options)
95
+
96
+ before_filter filter_options do |controller|
97
+ Heimdallr::ResourceImplementation.authorize(controller, options)
98
+ end
99
+ end
100
+ end
101
+ end
102
+ end
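Review bot: In `load` (new-file lines 35–40) the closing parenthesis of `ivar_name(` is misplaced, so the built or found record is passed as a third argument to the two-parameter `ivar_name` and `instance_variable_set` receives no value; every action other than `index` would raise `ArgumentError` instead of loading the record, and the corrected calls are in the fence below. Separately, `load` builds the record from raw `controller.params` on an unrestricted scope and only `authorize` calls `restrict(controller.security_context)`, so a controller that uses `load_resource` alone gets unwrapped objects although the README says they are wrapped in a Heimdallr proxy; either restrict in `load` or correct the README. In `authorize`, `options.merge(:insecure => true)` does not change the name `ivar_name` returns, so the intended unrestricted copy is written to the same variable and immediately overwritten. `prepare_options` also mutates the caller's hash with `merge!` and `delete`, so when `load_and_authorize_resource` passes the same `options` to both methods the second filter no longer sees `:only` / `:except`; working on `options.dup` would avoid that.

```ruby
case controller.params[:action]
# … unchanged: 'index' branch …
when 'new', 'create'
  controller.instance_variable_set(ivar_name(controller, options),
    scope.new(controller.params[options[:resource]]))
when 'show', 'edit', 'update', 'destroy'
  controller.instance_variable_set(ivar_name(controller, options),
    scope.find(controller.params[:"#{options[:resource]}_id"] ||
               controller.params[:id]))
end
```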
@@ -0,0 +1,11 @@
1
+ # This file was generated by the `rspec --init` command. Conventionally, all
2
+ # specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
3
+ # Require this file using `require "spec_helper.rb"` to ensure that it is only
4
+ # loaded once.
5
+ #
6
+ # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
7
+ RSpec.configure do |config|
8
+ config.treat_symbols_as_metadata_keys_with_true_values = true
9
+ config.run_all_when_everything_filtered = true
10
+ config.filter_run :focus
11
+ end
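--- a/metadata
+++ b/metadata
@@ -0,0 +1,80 @@
+ --- !ruby/object:Gem::Specification
+ name: heimdallr-resource
+ version: !ruby/object:Gem::Version
+ version: 1.0.0.RC1
+ prerelease: 6
+ platform: ruby
+ authors:
+ - Peter Zotov
+ - Boris Staal
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2012-04-02 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: rspec
+ requirement: &70147248384600 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: *70147248384600
+ - !ruby/object:Gem::Dependency
+ name: heimdallr
+ requirement: &70147248383900 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: *70147248383900
+ description: Heimdallr-Resource provides CanCan-like interface for Heimdallr-secured
+ objects.
+ email:
+ - whitequark@whitequark.org
+ - boris@roundlake.ru
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - .gitignore
+ - .rspec
+ - Gemfile
+ - LICENSE
+ - README.md
+ - Rakefile
+ - heimdallr-resource.gemspec
+ - lib/heimdallr/resource.rb
+ - spec/spec_helper.rb
+ homepage: http://github.com/roundlake/heimdallr-resource
+ licenses: []
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>'
+ - !ruby/object:Gem::Version
+ version: 1.3.1
+ requirements: []
+ rubyforge_project:
+ rubygems_version: 1.8.15
+ signing_key:
+ specification_version: 3
+ summary: Heimdallr-Resource provides CanCan-like interface for Heimdallr-secured objects.
+ test_files:
+ - spec/spec_helper.rb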